<!--#include file="utf-8.asp"-->
<!--#include file="conn.asp"-->
<!--#include file="saferequest.asp"-->
<%
Response.ContentType = "application/json"
logout=saferequest("logout",0)
if logout="logout" then
	session.abandon
	response.write("{""login"":false}")
Else
	If Session("MM_Reg")="ccrecord" Then
		response.write("{""login"":true,""usr"":"""&Session("MM_User")&""",""flag"":"&Session("MM_Flag")&"}")
	else
		usr=saferequest("usr",0)
		pass=saferequest("pass",0)
		sql="select * from auth where usr='"&usr&"' and pass='"&pass&"'"
		'response.write(sql)
		'response.end
		set rs = Server.CreateObject("ADODB.Recordset")
		rs.open sql,conn,1,1
		if not rs.eof then
			Session("MM_Id")=rs("id")
			Session("MM_User")=rs("usr")
			Session("MM_Flag")=rs("flag")
			Session("MM_Reg")="ccrecord"
			session.TimeOut=60
			response.write("{""login"":true,""usr"":"""&rs("usr")&""",""flag"":"&rs("flag")&"}")
		else
			response.write("{""login"":false}")
		end if
		rs.close
		set rs=Nothing
	End If
end if
conn.close
set conn=nothing
%>
